public async Task <IActionResult> LoginPost( ModIdentityServerWebMvcPartAccountViewLoginModel model, string action ) { var result = new ModIdentityServerWebMvcPartAccountCommonJobLoginResult(); var input = new ModIdentityServerWebMvcPartAccountJobLoginPostInput { Action = action, Model = model, ModelState = ModelState, UrlHelper = Url }; var(execute, onSuccess, onError) = MyModel.BuildActionLoginPost(input); try { result.Data = await execute().CoreBaseExtTaskWithCurrentCulture(false); onSuccess(result); } catch (Exception ex) { onError(ex, result); } return(input.Status switch { ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index => Redirect("~/"), ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect => View( "Redirect", new ModIdentityServerWebMvcViewRedirectModel { RedirectUrl = result.Data.ReturnUrl }), ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return => Redirect(result.Data.ReturnUrl), _ => View("~/Views/Account/Login.cshtml", result.Data), });
private async Task <ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses> ProcessLoginPost( ModIdentityServerWebMvcPartAccountViewLoginModel model, string action, IEventService events, ModelStateDictionary modelState, SignInManager <DataEntityObjectUser> signInManager, IUrlHelper urlHelper, UserManager <DataEntityObjectUser> userManager, IIdentityServerInteractionService interaction, IClientStore clientStore ) { // check if we are in the context of an authorization request var context = await interaction.GetAuthorizationContextAsync(model.ReturnUrl) .CoreBaseExtTaskWithCurrentCulture(false); // the user clicked the "cancel" button if (action != ModIdentityServerWebMvcSettings.ACTION_Login) { if (context != null) { // if the user cancels, send a result back into IdentityServer as if they // denied the consent (even if this client does not require consent). // this will send back an access denied OIDC error response to the client. await interaction.GrantConsentAsync(context, ConsentResponse.Denied) .CoreBaseExtTaskWithCurrentCulture(false); var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId) .CoreBaseExtTaskWithCurrentCulture(false); // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null if (isPckeRequired) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect); } return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return); } else { // since we don't have a valid context, then we just go back to the home page return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index); } } else if (modelState.IsValid) { var result = await signInManager.PasswordSignInAsync( model.Username, model.Password, model.RememberLogin, lockoutOnFailure : true ).CoreBaseExtTaskWithCurrentCulture(false); if (result.Succeeded) { var user = await userManager.FindByNameAsync(model.Username) .CoreBaseExtTaskWithCurrentCulture(false); await events.RaiseAsync( new UserLoginSuccessEvent( user.UserName, user.Id.ToString(), user.UserName, clientId : context?.ClientId ) ).CoreBaseExtTaskWithCurrentCulture(false); if (context != null) { var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId) .CoreBaseExtTaskWithCurrentCulture(false); if (isPckeRequired) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect); } // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return); } // request for a local page if (urlHelper.IsLocalUrl(model.ReturnUrl)) { return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return); } else if (string.IsNullOrEmpty(model.ReturnUrl)) { return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index); } else { // user might have clicked on a malicious link - should be logged throw new ModIdentityServerBaseExceptionInvalidReturnUrl(); } } await events.RaiseAsync( new UserLoginFailureEvent( model.Username, "invalid credentials", clientId : context?.ClientId ) ).CoreBaseExtTaskWithCurrentCulture(false); throw new ModIdentityServerBaseExceptionLogin(); } return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Default); }